Source string Read only

(itstool) path: sect1/title
8/100
Context English State
Since FreeBSD is developed as a complete operating system, user-installed applications are not considered to be part of the <quote>base</quote> system. User-installed applications are generally installed using <link xlink:href="@@URL_RELPREFIX@@/doc/en_US.ISO8859-1/books/handbook/ports-using.html">Packages or Ports</link>. In order to keep them separate from the base system, user-installed applications are installed under <filename>/usr/local/</filename>. Therefore, user-installed binaries reside in <filename>/usr/local/bin/</filename>, configuration files are in <filename>/usr/local/etc/</filename>, and so on.
Services are enabled by adding an entry for the service in <filename>/etc/rc.conf</filename> . The system defaults are found in <filename>/etc/defaults/rc.conf</filename> and these default settings are overridden by settings in <filename>/etc/rc.conf</filename>. Refer to <citerefentry><refentrytitle>rc.conf</refentrytitle><manvolnum>5</manvolnum></citerefentry> for more information about the available entries. When installing additional applications, review the application's install message to determine how to enable any associated services.
The following entries in <filename>/etc/rc.conf</filename> enable <citerefentry><refentrytitle>sshd</refentrytitle><manvolnum>8</manvolnum></citerefentry>, enable <application>Apache 2.4</application>, and specify that <application>Apache</application> should be started with <acronym>SSL</acronym>.
# enable SSHD
sshd_enable="YES"
# enable Apache with SSL
apache24_enable="YES"
apache24_flags="-DSSL"
Once a service has been enabled in <filename>/etc/rc.conf</filename>, it can be started without rebooting the system:
<prompt>#</prompt> <userinput>service <replaceable>sshd</replaceable> start</userinput>
<prompt>#</prompt> <userinput>service <replaceable>apache24</replaceable> start</userinput>
If a service has not been enabled, it can be started from the command line using <option>onestart</option>:
<prompt>#</prompt> <userinput>service <replaceable>sshd</replaceable> onestart</userinput>
Network Configuration
Instead of a generic <emphasis>ethX</emphasis> identifier that <trademark class="registered">Linux</trademark> uses to identify a network interface, FreeBSD uses the driver name followed by a number. The following output from <citerefentry><refentrytitle>ifconfig</refentrytitle><manvolnum>8</manvolnum></citerefentry> shows two <trademark class="registered">Intel</trademark> Pro 1000 network interfaces (<filename>em0</filename> and <filename>em1</filename>):
<prompt>%</prompt> <userinput>ifconfig</userinput>
em0: flags=8843&lt;UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST&gt; mtu 1500
options=b&lt;RXCSUM,TXCSUM,VLAN_MTU&gt;
inet 10.10.10.100 netmask 0xffffff00 broadcast 10.10.10.255
ether 00:50:56:a7:70:b2
media: Ethernet autoselect (1000baseTX &lt;full-duplex&gt;)
status: active
em1: flags=8843&lt;UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST&gt; mtu 1500
options=b&lt;RXCSUM,TXCSUM,VLAN_MTU&gt;
inet 192.168.10.222 netmask 0xffffff00 broadcast 192.168.10.255
ether 00:50:56:a7:03:2b
media: Ethernet autoselect (1000baseTX &lt;full-duplex&gt;)
status: active
An <acronym>IP</acronym> address can be assigned to an interface using <citerefentry><refentrytitle>ifconfig</refentrytitle><manvolnum>8</manvolnum></citerefentry>. To remain persistent across reboots, the <acronym>IP</acronym> configuration must be included in <filename>/etc/rc.conf</filename>. The following <filename>/etc/rc.conf</filename> entries specify the hostname, <acronym>IP</acronym> address, and default gateway:
hostname="server1.example.com"
ifconfig_em0="inet 10.10.10.100 netmask 255.255.255.0"
defaultrouter="10.10.10.1"
Use the following entries to instead configure an interface for <acronym>DHCP</acronym>:
hostname="server1.example.com"
ifconfig_em0="DHCP"
Firewall
FreeBSD does not use <trademark class="registered">Linux</trademark> <application>IPTABLES</application> for its firewall. Instead, FreeBSD offers a choice of three kernel level firewalls:
<link xlink:href="@@URL_RELPREFIX@@/doc/en_US.ISO8859-1/books/handbook/firewalls-pf.html">PF</link>
<link xlink:href="@@URL_RELPREFIX@@/doc/en_US.ISO8859-1/books/handbook/firewalls-ipf.html">IPFILTER</link>
<link xlink:href="@@URL_RELPREFIX@@/doc/en_US.ISO8859-1/books/handbook/firewalls-ipfw.html">IPFW</link>
<application>PF</application> is developed by the OpenBSD project and ported to FreeBSD. <application>PF</application> was created as a replacement for <application>IPFILTER</application> and its syntax is similar to that of <application>IPFILTER</application>. <application>PF</application> can be paired with <citerefentry><refentrytitle>altq</refentrytitle><manvolnum>4</manvolnum></citerefentry> to provide <acronym>QoS</acronym> features.
This sample <application>PF</application> entry allows inbound <application>SSH</application>:
pass in on $ext_if inet proto tcp from any to ($ext_if) port 22
<application>IPFILTER</application> is the firewall application developed by Darren Reed. It is not specific to FreeBSD and has been ported to several operating systems including NetBSD, OpenBSD, SunOS, HP/UX, and Solaris.
The <application>IPFILTER</application> syntax to allow inbound <application>SSH</application> is:
pass in on $ext_if proto tcp from any to any port = 22
<application>IPFW</application> is the firewall developed and maintained by FreeBSD. It can be paired with <citerefentry><refentrytitle>dummynet</refentrytitle><manvolnum>4</manvolnum></citerefentry> to provide traffic shaping capabilities and simulate different types of network connections.
The <application>IPFW</application> syntax to allow inbound <application>SSH</application> would be:
ipfw add allow tcp from any to me 22 in via $ext_if
Updating FreeBSD
There are two methods for updating a FreeBSD system: from source or binary updates.

Loading…

No matching activity found.

Browse all component changes

Glossary

English English
No related strings found in the glossary.

Source information

Source string comment
(itstool) path: sect1/title
Flags
read-only
Source string location
article.translate.xml:312
String age
a year ago
Source string age
a year ago
Translation file
articles/linux-users.pot, string 61